<?php

/*
 +-------------------------------------------------------------------+
 |                   login.ctl.php                                 |
 |                                                                   |
 | Copyright ?                          www.gde.sclab.clarkson.edu   |
 | Author: Demetrios Dimatos            www.dimatos.net              |
 | Created: August 2006                 Last modified: Oct 15, 2006  |
 +-------------------------------------------------------------------+
 | This is the control file for login.php that contains all the      |
 | logic.                                                            |
 |  - /gde-1.0/templates/public/login.php                            |
 +-------------------------------------------------------------------+
*/

 // Include configuration variables
 include_once('/var/www/gde-1.0/htdocs/config.php');
 // Include database connnection
 include_once(Config::base_path.Config::database_path."database.php");
 // Include user functions
 include_once(Config::base_path.Config::user_func_path."user.php");
 // Include html functions
 include_once(Config::base_path.Config::html_func_path."html.php");
 // Start the SESSION vars
 if (session_id() == "")
 {
	 session_start();
 }
 
 // Create the database connection, remeber db_connect is not a class
 $db = db_connect(Config::db_type,Config::db_host,Config::db_username,Config::db_password,Config::db_database,0);
 
 // Create a user 
 $user = new User();
 
 // Lets see if the user is valid
 $answer = $user->Authenticate($_POST['username'],$_POST['password'], $db) ;
 
 if($answer == "empty")
 {
 	 message2html("\n[ You haven not entered a username and/or password ]\n","red");
 	 message2url("Go to login page.", 'http://'.$_SERVER['HTTP_HOST'].Config::url_public);
 }
 elseif ($answer == "badusername")
 {
 	 message2html("\n[ You have entered an invalid username ]\n","red");
 	 message2url("Go to login page.", 'http://'.$_SERVER['HTTP_HOST'].Config::url_public);
 }
 elseif ($answer == "badpassword")
 {
 	 message2html("\n[ You have entered an invalid password ]\n","red");
	 message2url("Go to login page.", 'http://'.$_SERVER['HTTP_HOST'].Config::url_public); 	 
 }
 elseif ($answer == "valid")
 {
 	 // Register the login username
 	 $_SESSION['username'] = $_POST['username'];
 	 
 	 // Register the login password
 	 $_SESSION['password'] = $_POST['password'];
 	 
 	 // Send user to logged-in page
 	 header("Location: ".'http://'.$_SERVER['HTTP_HOST'].Config::url_logged_in);
 }
?>